[ovs-dev] [PATCH v7 00/10] Add support for offloading CT datapath rules to TC

Paul Blakey paulb at mellanox.com
Sun Jan 5 08:57:20 UTC 2020


On 1/3/2020 9:32 AM, Simon Horman wrote:
> On Sun, Dec 22, 2019 at 12:16:33PM +0200, Paul Blakey wrote:
>> The following patchset introduces hardware offload of OVS connection
>> tracking datapath rules.
>>
>> OVS uses ct() and recirc() (recirculation) actions and recirc_id()/ct_state()
>> matches to support connection tracking.
>>
>> The datapath rules are in the form of:
>>
>> recirc_id(0),in_port(dev1),eth_type(0x0800),ct_state(-trk) actions:ct(),recirc(2)
>> recirc_id(2),in_port(dev1),eth_type(0x0800),ct_state(+trk+est) actions:4
>>
>> This patchset will translate ct_state() and recirc_id() matches to tc
>> ct_state and chain matches respectively. The datapath actions ct() and recirc()
>> will be translated to tc actions ct and goto chain respectively.
>>
>> The tc equivalent commands for the above rules are:
>>
>> $ tc filter add dev dev1 ingress \
>>                      prio 1 chain 0 proto ip \
>>                                  flower tcp ct_state -trk \
>>                                  action ct pipe \
>>                                  action goto chain 2
>>                                  
>> $ tc filter add dev dev1 ingress \
>>                      prio 1 chain 2 proto ip \
>>                                  flower tcp ct_state +trk+est \
>>                                  action mirred egress redirect dev dev2
>>
> Hi Paul,
>
> Happy New Year!
>
> Thanks for persisting with this series.
>
> I was waiting to see if there was further review and I waited longer
> than I might have otherwise due to the end-of-year holiday season.
> Perhaps I did not wait long enough but I do think this series looks good.
> And the delta between recent versions has been quite small. So I think
> that any further feedback can be addressed by follow-up patches.
>
> I have applied this series to master.


Hi,

Happy new year :)

Thanks for merging.

Paul.



>
>> Thanks,
>> Paul
>>
>> Paul Blakey (10):
>>    match: Add match_set_ct_zone_masked helper
>>    compat: Add tc ct action and flower matches defines for older kernels
>>    tc: Introduce tcf_id to specify a tc filter
>>    netdev-offload-tc: Implement netdev tc flush via tc filter del
>>    dpif: Add support to set user features
>>    tc: Move tunnel_key unset action before output ports
>>    netdev-offload-tc: Add recirculation support via tc chains
>>    netdev-offload-tc: Add conntrack support
>>    netdev-offload-tc: Add conntrack label and mark support
>>    netdev-offload-tc: Add conntrack nat support
>>
>>   datapath/linux/compat/include/linux/openvswitch.h |   3 +
>>   include/linux/automake.mk                         |   3 +-
>>   include/linux/pkt_cls.h                           |  46 +-
>>   include/linux/tc_act/tc_ct.h                      |  41 ++
>>   include/openvswitch/match.h                       |   2 +
>>   lib/dpif-netdev.c                                 |   1 +
>>   lib/dpif-netlink.c                                |  63 ++-
>>   lib/dpif-provider.h                               |   2 +
>>   lib/dpif.c                                        |   9 +
>>   lib/dpif.h                                        |   2 +
>>   lib/match.c                                       |  10 +-
>>   lib/netdev-linux.c                                |   6 +-
>>   lib/netdev-offload-tc.c                           | 607 +++++++++++++++-------
>>   lib/netdev-offload.h                              |   3 +
>>   lib/tc.c                                          | 448 ++++++++++++----
>>   lib/tc.h                                          | 112 +++-
>>   16 files changed, 1070 insertions(+), 288 deletions(-)
>>   create mode 100644 include/linux/tc_act/tc_ct.h
>>
>> -- 
>> 1.8.3.1
>>


More information about the dev mailing list